netBIOS

I used to get alot of those when sasser and all its variants were in the wild. I also got a lot of port scans as well. Its fairly common for worms and trojans to try to connect to computers on ports where there are known security holes.

On further inspection however, that is an internal IP address that is trying to connect. Do you have your WAP open? Someone may be piggybacking on your connection and trying to browse your computer.
 
Thats what it sounds like to me, unless he just has other computers on the network, i do know that if there are, windows will check to see if the other computers are alive.
 
uid=[0] said:
To fix this issue, you need to disable file/print sharing. that is why it is on. to do this you can use msconfig and go to the services tab, and disable the option titled "Server"

---edited---

also i noticed, that your probably running a netgear router. if so chances are you shouldnt have to worry about it, unless your wireless is open.
Click to expand...

Well, im not on that kinda network. Its just shared wireless internet. Not shared printing.

D-Link and encrypted.

DanielASanders said:
I used to get alot of those when sasser and all its variants were in the wild. I also got a lot of port scans as well. Its fairly common for worms and trojans to try to connect to computers on ports where there are known security holes.

On further inspection however, that is an internal IP address that is trying to connect. Do you have your WAP open? Someone may be piggybacking on your connection and trying to browse your computer.
Click to expand...

Well, my mom has a wireless laptop, but its not piggybacking off my connection. Because its wireless, and she has the network code in it.

uid=[0] said:
Thats what it sounds like to me, unless he just has other computers on the network, i do know that if there are, windows will check to see if the other computers are alive.
Click to expand...

Correct two others on the wirelss. Although, one isnt in use. And as I said before the other isnt piggybacking off mine. Unless I dont know what im talkiing about, lol.
 
For clarification, by piggybacking I meant using your wireless connection without your consent. Wardrivers, "haXors", people with too much free time, etc.

I believe that this is nothing to worry about. As uid=[0] pointed out, Windows will search the network sending the NetBIOS packets out to discover any computers. Just to make sure, I would check the IP address on the other computers and see if one matches the one you are getting the alert to. If it is, you are in the clear. If not, its time to change security settings on the WAP. :)
 
its not a hacker, i get the same thing on my other comps with zone alarm, im pretty sure its just one of the other comps trying to connect with that comp just to see if its there or something, just block it and tell it not to show again
 
ArrizX said:
Well, im not on that kinda network. Its just shared wireless internet. Not shared printing.
Click to expand...
It does not matter, more often that not, windows has that option enabled by default. So regardless of if you are or are not, you still need to check that, and chances are that it is still on. also you say its coming from the same ip? do you manually configure the IP's on your computer? If not i might suggest doing that, so you know.... Computer A. = 192.168.0.10 B. = 192.168.0.11 and so on, so when you get an ip with activity, other what one you have assigned you will know it is not one of your computers, and you can go into your DHCP settings in your router, and configure it for only 5 computers online, or for however many computers you have. for example.... if you have 5 set it to allow 5, otherwise if you dont, your basicly allowing anyone who can crack your WEP key to walk right into your network.
 
No one is cracking my WEP key on my router. I live almost litterally in the the midle of no where. So, its possible is this one dude on the internet. Because hes pissed that I banned him. So.. Yeah..
 
Not likely, unless he is an uber leet haxor, he will not get past the hardware firewall on your router, unless of course it is not on, or you are sitting in the DMZ port. and besides.... that is an internal ip. not external. he would have to be sitting on your network to do that. such as if he was able to sucessfully hack one of the other computers on your network.
 
You must log in or register to reply here.

Similar threads

I
Greetings, new here!
Replies
2
Views
539
grantheo
grantheo
M
How to couple Desktop Gaming PC to Laptop for Streaming?
Replies
0
Views
537
motaro38
M
S
Would it benefit me joining Discord chat groups?
Replies
0
Views
883
Scissorman
S
Andrewx
Why Blogging Seems Harder in 2023
Replies
1
Views
801
fusionha
F
O
hello & mostly clueless & would appreciate mac security help after trojan attack!
Replies
0
Views
928
once2023
O
Back
Top Bottom